Cyber Security Compliance Officer - IT

Cybersecurity compliance officer

Location - Bangalore

Experience - 5-7 Years

CTC: MAX 28 LPA

Qualifications & Competencies:

- Degree or minimum of 5+ years industry experience in information technology or GRC role

- Experience developing or maintaining cybersecurity policies or risk management frameworks

- Experience within enterprise environments, cloud computing, product security, or manufacturing security

- Willingness to raise risks clearly and in productive fashions

- Strong written and verbal communication skills with a collaborative mindset

- Familiarity with NIST Cybersecurity Framework, ISO standards, or other common benchmarks

- Comfortable working in a fast-paced, global organization with dispersed teams

Desired Qualifications:

- Experience working in an Agile, Scrum, or SAFe environment

- Appropriate cybersecurity or risk management certificates, including CRISC, CISSP, GTSRT, etc.

- Experience working with GRC tools, managing policy documentation, and/or actively assessing cybersecurity risk

- Familiarity with agriculture or manufacturing

Roles & Responsibilities :

- The Cybersecurity GRC Analyst plays a cross-functional cybersecurity role in Enterprise Security, Operational Technology, and Product Security. The GRC Analyst will help achieve cybersecurity goals related to governance, risk, and compliance. Using best practices, your days will involve reviewing and ensuring policies and standards are met, staying abreast of the latest regulatory trends, and leading compliance assessment activities.

You will represent the governance, risk, and compliance efforts to ensure applications, systems, and teams are managing resources according to cybersecurity policies. You'll participate and manage the exceptions review process, ensuring that deviations from controls or expectations are appropriately monitored and addressed according to the risks presented. This role will enjoy a varied daily agenda that prioritizes data-driven decisions.

Responsibilities:

- Assist in maintaining an active crosswalk mapping between all policies and standards and the NIST Cybersecurity Framework (CSF), ISO 21434, etc.

- Complete compliance assessments for applications, systems, and activities according to NIST Cybersecurity Framework (CSF)

- Serve as an independent voice for the GRC team

- Maintain the exceptions request process, including documenting and highlighting risks, providing reports, and follow-up with current exceptions

- Assist in defining the annual program calendar for all GRC activities, including compliance audits, risk reviews, and general assessments

- Maintain clear reporting and documentation across projects to aid decision-making, tracking, and KPI/KRI development

- Lead the development of standards and control checks to determine various team and project compliance with policies and standards